Glibc, the GNU C library at the core of last year’s GHOST vulnerability, is vulnerable to another critical flaw affecting nearly all Linux machines, as well as API web services and major web frameworks where the code runs. The flaw, CVE-2015-7547, is a stack-based buffer overflow in the glibc DNS client-side resolver that puts Linux machines at risk for remote code execution. The flaw is triggered when the getaddrinfo() library function is used, Google said today in its advisory.
Symantec analysis of recent Dridex spam campaigns found that they are operating on a vast scale, with millions of new emails being sent out on a daily basis. The attackers behind Dridex are disciplined and professional. They operate on a standard working week, continually refine the malware, and put significant effort into disguising their spam campaigns as legitimate emails.
That's the stark warning following a survey by security company Palo Alto Networks, which directly asked C-level executives about their knowledge of security issues; 13% said they only "kind of" understand what defines an online security risk to a business. Worryingly, many in leadership roles also said they still have to use Google to help explain cyber security risk.
Discovered by a Swiss researcher at abuse.ch, PadCrypt is the first ransomware family to include the capability for real-time interaction with the attackers. The malware’s known command-and-control servers, annaflowersweb[.]com, subzone3[.]2fh[.]co, and cloudnet[.]online, are down, and for now PadCrypt is not a major threat.
The method is a so-called side-channel attack: an attack that doesn't tackle an encryption implementation head on, such as through brute force or by exploiting a weakness in the underlying algorithm, but through some other means. In this case, the attack relies on the electromagnetic outputs of the laptop that are emitted during the decryption process, which can then be used to work out the target's key.
An exploitable denial of service vulnerability exists in the font handling of Libgraphite. A specially crafted font can cause an out-of-bounds read potentially resulting in an information leak or denial of service. A specially crafted font can cause a buffer overflow resulting in potential code execution. An exploitable NULL pointer dereference exists in the bidirectional font handling functionality of Libgraphite. A specially crafted font can cause a NULL pointer dereference resulting in a cras
Ransomware is a growing menace for computer users - but when a hospital is targeted, it makes the disruption far more serious. Computer systems at Hollywood Presbyterian Medical Center have been offline for more than a week following a ransomware attack. According to local news sources, hackers were said to have demanded $3.4m to provide the codes to unlock the stolen data.